Lucene search
+L

15 matches found

osv
osv
added 2026/04/02 6:42 p.m.7 views

GO-2026-4893 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik

Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik...

8.8CVSS5.9AI score0.00469EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.7 views

PT-2026-29940

Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik...

5CVSS5.9AI score0.00469EPSS
Exploits1References6
susecve
susecve
added 2026/03/30 11:28 p.m.7 views

SUSE CVE-2026-33433

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

8.8CVSS5.9AI score0.00469EPSS
Exploits1References4
redhatcve
redhatcve
added 2026/03/27 10:33 p.m.4 views

CVE-2026-33433

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When the headerField is configured with a non-canonical HTTP header name, an authenticated attacker can inject a canonical version of that header. This allows the attacker to impersonate any identity to the backend, leading to ...

7.7CVSS5.8AI score0.00469EPSS
Exploits1References7
euvd
euvd
added 2026/03/27 8:35 p.m.5 views

EUVD-2026-16616

Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField...

5CVSS5.9AI score0.00469EPSS
Exploits1References5
osv
osv
added 2026/03/27 8:35 p.m.5 views

GHSA-QR99-7898-VR7C Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField

Summary There is a potential vulnerability in Traefik's Basic and Digest authentication middlewares when headerField is configured with a non-canonical HTTP header name. An authenticated attacker with valid credentials can inject the canonical version of the configured header to impersonate any...

5CVSS5.9AI score0.00469EPSS
Exploits1References6
nvd
nvd
added 2026/03/27 3:16 p.m.8 views

CVE-2026-33433

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

8.8CVSS0.00469EPSS
Exploits1References8
vulnrichment
vulnrichment
added 2026/03/27 1:49 p.m.3 views

CVE-2026-33433 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

5CVSS5.9AI score0.00469EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/03/27 1:49 p.m.4 views

CVE-2026-33433

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

5CVSS5.9AI score0.00469EPSS
Exploits1References5Affected Software1
cve
cve
added 2026/03/27 1:49 p.m.15 views

CVE-2026-33433

CVE-2026-33433 affects Traefik prior to 2.11.42, 3.6.11, and 3.7.0-ea.3. A vulnerability in the BasicAuth/DigestAuth middlewares arises when headerField is configured with a non-canonical HTTP header name (for example x-auth-user). An authenticated attacker can inject a canonical version of that ...

8.8CVSS5.9AI score0.00469EPSS
Exploits1References8Affected Software1
alpinelinux
alpinelinux
added 2026/03/27 1:49 p.m.3 views

CVE-2026-33433

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

8.8CVSS5.9AI score0.00469EPSS
Exploits1References4
osv
osv
added 2026/03/27 1:49 p.m.5 views

CVE-2026-33433 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

5CVSS5.9AI score0.00469EPSS
Exploits1References10
cvelist
cvelist
added 2026/03/27 1:49 p.m.22 views

CVE-2026-33433 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name e.g., x-auth-user instead of X-Auth-User, an authenticated attacker can inject their own canonical version of that header to...

5CVSS0.00469EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2025/03/27 12:0 a.m.6 views

PT-2026-28482

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.42 Traefik versions prior to 3.6.12 Traefik versions prior to 3.7.0-ea.3 Description Traefik, an HTTP reverse proxy and load balancer, is susceptible to an identity impersonation issue. When the headerField...

9CVSS5.9AI score0.00469EPSS
Exploits1References54
osv
osv
added 2022/12/09 2:59 p.m.6 views

SUSE-SU-2022:4397-1 Security update for go1.19

This update for go1.19 fixes the following issues: Update to version 1.19.4, includes the following security fixes: - CVE-2022-41717: net/http: limit canonical header cache by bytes, not entries bsc1206135. - CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows...

7.5CVSS6.6AI score0.05623EPSS
Exploits0References6
Rows per page
Query Builder